User guide
Chapter 10: Creating Aliases and Implementing Authentication
128 WatchGuard Firebox System
a user workstation may have several different IP addresses over the
course of a week. Authentication by user is also useful in education
environments, such as classrooms and college computer centers where
many different people might use the same IP address over the course of
the day. For more information on authentication, see the following
collection of FAQs:
https://support.watchguard.com/advancedfaqs/auth_main.asp
Using Aliases
Aliases provide a simple way to remember host IP addresses, host ranges,
and network IP addresses. They function in a similar fashion to email
distribution lists–combining addresses and names into easily
recognizable groups. Use aliases to quickly build service filter rules.
Aliases cannot, however, be used to configure the network itself.
WatchGuard automatically adds six aliases to the basic configuration:
A host alias takes precedence over a Windows NT or RADIUS group with
the same name.
Adding an alias
From Policy Manager:
1 Select Setup => Aliases.
The Aliases dialog box appears, as shown in the following figure.
Group Function
firebox Addresses assigned to the three Firebox interfaces and any
related networks or device aliases
trusted Any host or network routed through the physical Trusted
interface
optional Any host or network routed through the physical Optional
interface
external Any host or network routed through the physical External
interface; in most cases, the Internet
dvcp_nets Any network behind the DVCP client
dvcp_local_nets Any network behind the DVCP server